怪しい「QRコード」に注意、読み取るとウイルスがダウンロード
カスペルスキー研究所が報告、有料サービスを勝手に利用
http://itpro.nikkeibp.co.jp/article/NEWS/20111005/370152/?ST=security
コンピュータウイルス・不正アクセスの届出状況[9月分および第3四半期]について
http://www.ipa.go.jp/security/txt/2011/10outline.html
Adobe SSL Certificate Problem (fixed)
http://isc.sans.edu/diary.html?storyid=11737
Mozilla Firefox CVE-2011-2997 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49812
Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Vulnerability
http://www.securityfocus.com/bid/49837
Mozilla Firefox/Thunderbird/SeaMonkey OGG headers Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49808
Mozilla Firefox and SeaMonkey CVE-2011-3002 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49813
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-3000 HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/49849
Mozilla Firefox CVE-2011-2995 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49810
Mozilla Firefox and SeaMonkey CVE-2011-3003 Remote Code Execution Vulnerability
2011-10-05
http://www.securityfocus.com/bid/49847
+- FreeBSD-SA-11:05.unix: Buffer overflow in handling of UNIX socket addresses
http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc
+ Samba 'mtab' Lock File Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/49940
- Linux kernel l2cap Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/48472
phpPgAdmin 5.0.3 released
http://www.postgresql.org/about/news.1356
Sudo 1.8.3rc4 released
http://www.sudo.ws/sudo/devel.html#1.8.3rc4
InterScan Messaging Security Suite 7.0 Linux 版 SP1 Patch3 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1658
Debian : [DSA-2314-1] puppet: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36805
Digital Defense Inc. : [DDIVRT-2011-34] Metropolis Technologies OfficeWatch Directory Traversal
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36806
Digital Defense Inc. : [DDIVRT-2011-36] Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36807
Red Hat : [RHSA-2011:1349-01] rpm: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36804
Stefan Schurtz : [SSCHADV2011-023] Phorum 5.2.18 Cross-site scripting vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36808
発表に先駆けて出現、「iPhone 5」ウイルスメール
リンクをクリックするとウイルス感染、パソコンを乗っ取られる恐れ
http://itpro.nikkeibp.co.jp/article/NEWS/20111005/370148/?ST=security
Proofpoint、中小向けに簡略化したメールセキュリティSaaS
http://itpro.nikkeibp.co.jp/article/NEWS/20111004/370095/?ST=security
New open source Security Framework
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00015.html
Multiple vulnerabilities in SonicWall
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00014.html
vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00013.html
Sunway pNetPower AngelServer Two Vulnerabilities
http://secunia.com/advisories/46161/
WordPress Web Minimalist Theme URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46294/
ThinVNC Pro File Transfer Security Bypass Security Issue
http://secunia.com/advisories/46254/
Novell Identity Manager Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/46268/
KDE KSSL Certificate Text Format Enforce Vulnerability
http://secunia.com/advisories/46157/
rekonq Certificate Text Format Enforce Vulnerability
http://secunia.com/advisories/46303/
Phorum "admin.php" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46282/
conceptcms Multiple Path Disclosure Weaknesses
http://secunia.com/advisories/46208/
Debian update for puppet
http://secunia.com/advisories/46243/
WordPress Black-LetterHead Theme URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46305/
Joomla! Google Website Optimizer Component Section Names Script Insertion Vulnerability
http://secunia.com/advisories/46291/
WordPress Atahualpa Theme "s" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46297/
WordPress ZenLite Theme "s" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46296/
WordPress Morning Coffee Theme URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46295/
WordPress SmoothGallery Plugin "src" Arbitrary File Upload
http://secunia.com/advisories/46272/
OpenStack Compute (Nova) QCOW2 Security Bypass Security Issue
http://secunia.com/advisories/46240/
Perl Crypt-DSA Module Insecure Random Number Generator Security Issue
http://secunia.com/advisories/46275/
Red Hat update for rpm
http://secunia.com/advisories/46273/
Novell Identity Manager Roles Based Provisioning Module Input Validation Flaw in 'apwaDetailId' Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026138
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026137
NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF Vulnerabilities
http://www.securiteam.com/securitynews/6H02V152UG.html
IceWarp Mail Server 10.3.2 Multiple Vulnerabilities
http://securityreason.com/securityalert/8404
CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
http://securityreason.com/securityalert/8403
Cytel Products Data Processing Multiple Buffer Overflow Vulnerabilities
http://www.vupen.com/english/ADV-2011-2129.php
GenStat File Data Processing Multiple Memory Corruption Vulnerabilities
http://www.vupen.com/english/ADV-2011-2128.php
phpPgAdmin Data Processing Unspecified Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2011-2127.php
FFmpeg File Processing Memory Corruption Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2011-2126.php
KDE KSSL and Rekonq Certificate Processing Input Validation Vulnerability
http://www.vupen.com/english/ADV-2011-2125.php
Investintech SlimPDF Reader Multiple Memory Corruption Vulnerabilities
http://www.vupen.com/english/ADV-2011-2124.php
GenStat <= 14.1.0.5943 Multiple Vulnerabilities
http://www.exploit-db.com/exploits/17931
Cytel Studio <= 9.0.0 Multiple Vulnerabilities
http://www.exploit-db.com/exploits/17930
Google Chrome < 14.0.835.163 PDF File Handling Memory Corruption
http://www.exploit-db.com/exploits/17929
Ashampoo Burning Studio Elements 10.0.9 (.ashprj) Heap Overflow
http://www.exploit-db.com/exploits/17928
KDE KSSL Common Name SSL Certificate Spoofing Vulnerability
http://www.securityfocus.com/bid/49925
spidaNews 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/47132
Google Chrome Prior to 14.0.835.163 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49658
Linux Kernel 'CIFSFindNext()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/49295
Linux kernel l2cap Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/48472
rpm-python RPM File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49799
Linux Kernel 'inet_diag_bc_audit()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48333
Linux Kernel EFI Partition Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47796
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-3000 HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/49849
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-3232 YARR Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/49850
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2011-2999 Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/49848
Mozilla Firefox CVE-2011-2995 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49810
Mozilla Firefox CVE-2011-2997 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49812
Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Vulnerability
http://www.securityfocus.com/bid/49837
Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Weakness
http://www.securityfocus.com/bid/49811
Mozilla Firefox/Thunderbird/SeaMonkey OGG headers Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49808
Linux Kernel IPv6 Fragment Identification Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/48802
Linux Kernel 'fs/befs/linuxvfs.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/49256
WordPress Timthumb Plugin 'timthumb' Cache Directory Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/48963
JBoss Enterprise Application Platform Multiple Vulnerabilities
http://www.securityfocus.com/bid/39710
Samba 'mtab' Lock File Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/49940
Google Chrome Prior to 14.0.835.202 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49938
Easy Hosting Control Panel FTP Account Security Bypass Vulnerability
http://www.securityfocus.com/bid/49937
CF Image Hosting 'q' Parameter Local File Disclosure Vulnerability
http://www.securityfocus.com/bid/49936
Novell Identity Manager 'apwaDetail' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/49935
Ashampoo Burning Studio Elements '.ashprj' File Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49932
Concrete5 SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/49931
SonicWall NSA 4500 HTML Injection and Session Hijacking Vulnerabilities
http://www.securityfocus.com/bid/49930
Joomla! Google Website Optimizer Component HTML Injection Vulnerability
http://www.securityfocus.com/bid/49929
Perl Crypt-DSA Module Random Number Values Security Weakness
http://www.securityfocus.com/bid/49928
vtiger CRM Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/49927
Google Chrome 14.0.835.202 released
http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html
CentOS alert CESA-2011:1349 (rpm)
http://lwn.net/Alerts/461561/
Thunderbird Beta Channel: new update available
https://developer.mozilla.org/devnews/index.php/2011/10/04/thunderbird-beta-channel-new-update-available-4/
http://www.mozilla.org/thunderbird/8.0beta/releasenotes/
0 件のコメント:
コメントを投稿